SVCRP (Secunia Vulnerability Coordination Reward Program) is a reward incentive offered by Secunia to researchers, who have discovered a vulnerability and would like a third party to confirm their findings and handle the coordination process with the vendor on their behalf.
All classes of vulnerabilities in most products are applicable for SVCRP as long as the following basic criteria are met:
Minor rewards will be continuously awarded to researchers coordinating their discoveries through Secunia based on their individual performance. The two major rewards are currently awarded annually (the first one in January 2012!).
Most Valued Contributor:
This is a yearly prize awarded to the researcher, who based on Secunia Research's judgement has been consistently coordinating correct, clearly detailed vulnerability reports that have been quick and easy to confirm.
Most Interesting Coordination Report:
This is a yearly prize awarded to the researcher, who based on Secunia Research's judgement has been coordinating the most interesting vulnerability (criteria considered are e.g. complexity, impact, affected product, level of detail in provided vulnerability report).
The current list of qualifying conferences are:
The coordination process will follow the same disclosure policy as followed by the Secunia Research team when coordinating internally discovered vulnerabilities.
If you would like to report a vulnerability to Secunia via SVCRP then please send a vulnerability report prefixed with "[SVCRP]" in the subject to email@example.com. The report should contain details on the affected product/version and PoC or detailed steps to trigger the vulnerability to ensure that Secunia Research can reproduce your findings.
If you prefer to send an encrypted vulnerability report then please find our PGP key here.
|ABB DataManager National Instruments Multiple ActiveX Controls Insecure Method Vulnerabilities|
|Apple Mac OS X update for Java|
|Oracle Java Multiple Vulnerabilities|
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.